Monitoring Windows and Linux device equipment

Kaspersky Industrial CyberSecurity for Networks can monitor hardware on devices running Windows and Linux. While monitoring equipment, the application automatically receives information about the device equipment and registers events when the equipment or its characteristics change.

Equipment monitoring on Windows and Linux devices depends on the presence of Endpoint Agent on the devices and an integration between EPP applications and Kaspersky Industrial CyberSecurity for Networks being set up. Therefore, to use the equipment monitoring functionality, prepare the application to receive data from EPP applications. However, asset management methods for device activity detection and device information detection must be enabled on the integration server nodes.

The Windows/Linux equipment information is updated once a day. The information for which automatic update is disabled upon adding a device or changing the device information is not updated. The capability to disable automatic update is not available for some equipment details.

Windows and Linux equipment monitoring helps the application to get the information listed in the table below.

Information obtained by monitoring equipment on Windows and Linux devices

 

Information type

Displayed on the tab in the device details area

Ability to disable automatic update

Processors

Equipment

A dash indicating the absence of an item.

BIOS

Equipment

A dash indicating the absence of an item.

RAM

Equipment

A dash indicating the absence of an item.

Local drives

Equipment

A dash indicating the absence of an item.

Optical drives

Equipment

A dash indicating the absence of an item.

USB devices

Equipment

A dash indicating the absence of an item.

Network interfaces with MAC address

Addresses

A check box indicating the availability of an item.

Hardware vendor

General

A check box indicating the availability of an item.

Equipment model

General

A check box indicating the availability of an item.

Equipment version

General

A check box indicating the availability of an item.

When monitoring equipment on Windows and Linux devices, the application logs events through Asset Management. Events are registered with system event types that are assigned the following codes:

You can configure the available settings for event types under Settings → Event types.

You can view information about registered events when connected to the Server through the web interface.

Page top